From 5df18ce97c1e09724e71012a52ba18e232bb093c Mon Sep 17 00:00:00 2001
From: f <f@sutty.nl>
Date: Fri, 13 Sep 2019 17:10:50 -0300
Subject: [PATCH] fix permissions and domains

---
 certbot.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/certbot.sh b/certbot.sh
index 6b03373..729e2ed 100644
--- a/certbot.sh
+++ b/certbot.sh
@@ -31,7 +31,7 @@ case $1 in
       | jq --raw-output .[] \
       | while read name; do
           # If the site name doesn't end with a dot, it's a subdomain
-          domain="$(echo "${name}" | sed "s/[^\.]$/&${SUTTY}/")"
+          domain="$(echo "${name}" | sed "s/[^\.]$/&.${SUTTY}/")"
           domain="${domain%.}"
 
           # Skip already existing domains
@@ -45,4 +45,9 @@ case $1 in
                                     --webroot-path /var/lib/letsencrypt \
                                     -d "${domain}"
         done
+
+    # Fix permissions, users in group ssl have read access
+    find /etc/letsencrypt -type d | xargs -r chmod 2750
+    find /etc/letsencrypt -type f | xargs -r chmod 640
+    chgrp -R ssl /etc/letsencrypt
 esac